Описание
In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| cosmic | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| devel | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| disco | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| eoan | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/bionic | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/focal | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/jammy | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
| esm-apps/noble | not-affected | 1:13.18.3~dfsg-1ubuntu4 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report.
In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before ...
In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3